Telecommunication networks provide for the transmission of information across some distance through terrestrial, wireless or satellite communication networks. Such communications may involve voice, data or multimedia information, among others. In addition, telecommunication networks often offer features and/or services to the customers of the network that provide flexible and varied ways in which the communications are transmitted over the network. For example, some telecommunication networks provide Internet access to the customers of the network. Such services are typically requested by the customer to be provided by the network.
In some instances, telecommunications networks may suffer an attack by an actor to gain access to the network or to disrupt the operation of the network. Attacks on the network may take many forms, including disruptive attacks, penetration attacks, and/or fraudulent access of the network. For example, one type of disruption attack on the voice network includes a Distributed Denial Of Service (DDOS) attack from one or more source devices. In general, a DDOS attack occurs when an actor floods the network with requests to a particular destination device in an attempt to overwhelm the device and block legitimate communications from legitimate sources. Penetration attacks are designed to gain access to the services provided by the network without paying for such services. Such an attack may include attempting to guess or otherwise access usernames or passwords of network users or exploiting system vulnerabilities to gain access to services of the network. Yet another type of attack includes an actor accessing a customer account and using the customer's access to obtain services from the network. Any or all of these attacks may disrupt the operation of the telecommunications network.
Previous systems to provide security against such attacks on the voice IP network are generally ineffective against all types of attacks. For example, a DDOS attack may be detected by a security protocol for the network, but such systems typically do not detect penetration or fraud attacks. Further, many network attacks may only be detected locally such that an actor may attack the network at geographically diverse locations to make detection of the attack even more difficult for the network.
It is with these and other issues in mind that various aspects of the present disclosure were developed.